Date: Sun, 8 Aug 2004 14:10:44 -0400
From: mailist@whoweb.com
To: freebsd-questions@freebsd.org
Subject: IPFW/NATD Transparent Proxy
Message-ID: <200408081410.44127.mailist@whoweb.com>

Anyone up for a challenge?

I've come to the conclusion that IPFW/NATD cannot support transparent proxying with ONLY stateful rules. I'd like to hear from anyone who has been successful doing so in case I'm missing something.

Configuration is:

FreeBSD 5.2.1
3 - NICS (de0, de1, de2)
de1 = Public IP = 1.2.3.4
de2 = LAN1 = 192.168.1.0
de3 = LAN2 = 192.168.2.0

The challenge:

1) TCP request from 192.168.1.247 to 1.2.3.4:80
2) Redirect 1.2.3.4:80 to 192.168.2.250:80
3) Use stateful rules

On another note, I read somewhere on the Internet that IPFILTER has a limitation in that it cannot redirect a public destination to a private destination if the source machine is on the same subnet as the redirected destination. In other words, the following supposedly will not work:

1) A tcp request from 192.168.1.247 to 1.2.3.4:80
2) Redirect 1.2.3.4:80 to 192.168.1.100:80

Is this an accurate limitation of IPFILTER?

J